Google has taken two steps to prevent its Chrome browser becoming an attack vector for malware that runs as extensions to the browser.

Like many other browsers, Chrome allows users to install “extensions”, apps that add functionality. Google even runs the “Chrome Web Store” to promote extensions.

Security outfit Webroot recently pointed out that some of the extensions in the store are illegitimate, data-sucking privacy invaders that trick users with offers to do things like change the colour of Facebook and then suck out all their data.

Google has responded in two ways, one of which is a new service “To help keep you safe on the web” that will see the company “analyzing every extension that is uploaded to the Web Store and take down those we recognize to be malicious.”

Changes are also coming in the forthcoming version 25 of the browser, which will no longer allow extensions to install without users’ knowledge. That’s currently possible because Chrome, when running on Windows, can is designed to allow unseen installs “to allow users to opt-in to adding a useful extension to Chrome as a part of the installation of another application.”

“Unfortunately,” Google now says in a blog post, “this feature has been widely abused by third parties to silently install extensions into Chrome without proper acknowledgement from users.”

Chrome 25 will therefore remove the auto-install feature, replacing it with a new system that presents the Windows Vista-esque screen below when extensions try to ingratiate themselves with the browser.

Hi! I’m the ghost of Windows Vista! Would you like to install this extension?

As ever, Google’s blog posts and support notice on the changes position them as responsible enhancements that show, yet again, Google is doing the world a favour.

A more critical analysis could consider the announcements in light of malware found in Google Play and take Google’s decision to more aggressively curate the Chrome Web Store as an admission it needs to devote more attention to this stuff, lest Chrome and other Google products become malware-ridden quagmires that users don’t trust. ®

Computerworld - Google on Friday said Chrome 25, now in development, automatically blocks browser add-ons installed on the sly by other software.

The measure mimics what rival Mozilla did for Firefox over a year ago.

Auto-blocking has already appeared in Chrome 25 for Windows on the “dev” channel — Google’s least-polished public version — which debuted last month. By the browser’s semi-regular release schedule, Chrome 25 will reach the final “stable” channel, and thus the bulk of users, in the second half of February 2013.

According to Peter Ludwig, a Chrome product manager, Chrome 25 will automatically disable any browser extensions silently installed by other software. Extensions previously installed by third-party software will also be barred from running.

Chrome users can switch on such extensions manually, or remove them from the browser and their PC.

Although Ludwig never used the word “security” in his Dec. 21 blog post, the change’s provenance was clear.

“[Silent installation] was originally intended to allow users to opt-in to adding a useful extension to Chrome as a part of the installation of another application,” Ludwig explained. “Unfortunately, this feature has been widely abused by third parties to silently install extensions into Chrome without proper acknowledgment from users.”

Google was more than a year behind rival Mozilla in banning extensions installed behind users’ backs. In Aug. 2011, Mozilla said Firefox 8 would automatically block browser add-ons installed by other software. Firefox 8 shipped three months later.

Add-ons bundled with third-party software had been a problem for Firefox users, who complained loudly when they found mysterious extensions on their computers.

Google has also made other moves this year to lock down extensions. As of Chrome 21, which launched last July, the browser will not accept add-ons installed directly from websites, but only from the Chrome Web Store. Previously, any website could prompt a Chrome user to install an extension.

“Online hackers may create websites that automatically trigger the installation of malicious extensions,” Google noted in a Chrome Help page that explained the new rules. “Their extensions are often designed to secretly track the information you enter on the web, which the hackers can then reuse for other ill-intended purposes.”

That security measure has not been foolproof, however, as a Facebook-theme scam detailed by Webroot last week illustrated: The rogue add-on was placed on the Chrome Web Store, even though Google had said on the same Help page that, “We have started analyzing every extension that is uploaded to the Web Store and take down those we recognize to be malicious.”

Extensions are plugins for Google Chrome and allow developers to add extra functionality to the Web browser. Many Chrome extensions are supremely useful, such as Ghostery, which quickly and easily detects and blocks Web trackers tagging your movements across the Web, the goo.gl URL shortener, and ViewThru, which displays the full URL when mouse-overing a shortenend link. Others, like the “Change Your Facebook Color” extension pointed out by Webroot, are privacy-violating scams peeping at the browsing history and data from other Web sites. Spam-spewing extensions also exist.

While many of the extensions are accidentally installed by users who were tricked into downloading it, many were installed without the user’s knowledge by other dodgy applications using Chrome’s auto-install feature. To address that problem, Google has removed auto-installs in the latest version of Chrome.

No More Auto-Installs Google originally included the auto-install feature to allow applications to install an additional Chrome extension during its own installation process. This was intended to simplify the installation process so that users didn’t have to add the extension manually afterwards.

“Unfortunately, this feature has been widely abused by third parties to silently install extensions into Chrome without proper acknowledgement from users,” Peter Ludwig, a product manager at Google, wrote on the Chrmoium blog.

Chrome (version 25 for those counting) will now block an application trying to auto-install an extension Google and display an alert informing the user about the new extension and list some of the things it can do (such as “Access your data on all Websites” and “Read and modify your bookmarks”).

Chrome 25 also automatically disables any extensions that were previously installed using the auto-install feature. If the user wants to re-enable the extension, the browser will display a one-time prompt explaining what each extension wants to do before allowing them to be turned back on.

Stopping Malicious Extensions Google also appears to have a new service which analyzes “every extension that is uploaded to the Web Store and take down those we recognize to be malicious,” according to the support pages for the Chrome Web Store. There isn’t a lot of information about the service at this time, so it’s not known whether Google is using an automated scanner similar to Google Bouncer checking app in Google Play (or if Bouncer itself is handling both markets).

Google has recently cracked down on extensions. Back in July, Google changed Chrome so that users could only install extensions found in the Chrome Web Store, and not from third-party sites.

Christmas 2012: Gifts under 6K

Priyanka Tilve General

While picking gifts isn’t an easy task in itself, it gets all the more challenging when you have to buy a gift within a limited budget. To make things easy for you, we have listed a few products under six thousand bucks; each of them is a worthy buy and you can’t go wrong with these.

5 Sites to compare prices

Priyanka Tilve General

Compare prices for products across online as well as offline…

Christmas 2012: Gift cool smartphone cases and skins

Naina Khedekar Mobile phones

We’ve listed some really cool options that would surely prove…

Most Discussed

Aakash 2: India’s low cost tablet dream come true?

G.O.T.Y. 2012: High-end Mobiles

How To: Rip a Blu-ray movie

Francis D’sa Software

Check out these three options to rip Blu-ray titles into full 1080p HD MKV files.

It is not uncommon for some users to see extensions installed without their knowledge on their Chrome browsers. In an official blog post though, Peter Ludwig, Product Manager at Google, acknowledges that users ought to know what extension they have enabled on their browser, since extensions at times can influence Chrome’s functionality and performance. Interestingly, according to Ludwig, it had been possible thus far to silently install extensions into Chrome on Windows using the Windows registry mechanism for extension deployment. While the feature had originally been in place to let users add a useful extension to Chrome together with the installation of an application, it was abused by third parties. It has been revealed that third parties silently installed extensions into Chrome without a user’s consent.

No more silent extension installs

Now though, two new features in Chrome 25 will allow users to run only those extensions that they want. As per latest changes, the extensions installed by third party programs with external extension deployment options will be set to disabled by default. This way, when a third party program installs an extension to Chrome, the Chrome menu will be badged, allowing users to click through the Chrome menu to see a dialog box with an option to allow the extension or remove it. Moreover, all the previously installed extensions will be automatically disabled. Chrome will now show a one-time prompt message to allow users to re-enable any of the extensions.

Earlier this year, there were reports about Google adding support for advertisements within extensions for the Chrome browser. This, of course, did not mean that Google would be adding ads to the browser, but an extension, for example, could choose to place ads within it. There are some rules that have been set in place to make sure that the feature isn’t exploited by the developers of extensions. For instance, the user was required to be informed that ads were being placed within the extension and that the ad did not tamper with the functionality of the site being viewed. Further, the developer could not force the user to click the ad or submit personal information to it in order to access the extension.

At the time, the move to implement ads was perceived as one likely to create some uproar, but with the rules and regulations in place, Google could minimise rogue extensions that tried to exploit the feature. It also opened up revenue possibilities for extension developers. Extensions on browsers have been free, so there’s close to no income that the developers receive. This recent move might change that.

The Chrome Web Store has just received several updates. These are not major changes, and upon first glance you might not see the difference, but these are changes worth knowing about, especially if you’re a developer, you like offline apps, or you live in Turkey, Ukraine, Egypt, Saudi Arabia, Morocco or the United Arab Emirates. If you live in one of these six countries, the Chrome Web Store is now available in your country, which means you can enjoy all the extensions and apps it has to offer. This also adds a substantial audience to existing apps in the store.

If you work with offline apps, or have developed one, you’ll be happy to know the Chrome Web Store now has a new section dedicated entirely to offline apps. Offline apps are apps that work regardless of your Internet connection, and the addition of this category means it’s now easier to find these apps among the huge available selection.

The last change in the Chrome Store has to do with usage stats, and is aimed at developers who would like to have better insight into their apps’ performance. Developers can now view a graph which can help them get a better understanding of how well their app is doing, for example how many times it’s been viewed, installed, etc. The data can be easily exported and downloaded as a CSV file. According the the Chrome development team, this is only the beginning for this feature, and we’ll see more capabilities added to it in the future.

Behind its no-frills, stripped-down exterior, the Google Chrome browser hides a wealth of useful features and functions.

Read on to discover some tips and tricks you can make use of to unlock the power of Chrome. Oh, and chip in with your own in the comments at the bottom.

1. Pin tabs

Pinned tabs shuffle along to the left-hand side of the screen, take up less room and in some cases (e.g. Twitter), they glow if there’s an update to the page. They also keep their places whenever you start up Chrome in the future. Right-click on a tab title to access the pin tab option.

2. Log out with incognito mode

Like most browsers, Chrome has an incognito mode that disables history logging. Open up an incognito window whenever you want to quickly check how a site — such as your Facebook page or Google+ profile — looks to someone who isn’t signed in as you. If you’re using Windows, Control+Shift+N opens a new incognito window.

3. Browse files

4. Search by site

All the usual Google operators apply in the Chrome omnibox. Type ‘site:’ followed by your keywords to restrict a search to a particular website, for example.

5. View background tasks

Chrome is powerful enough to have its own task manager. Hit Shift+Esc to see what’s running in the background (typically extensions and offline caching tools), alongside your open tabs, and how much CPU time and memory space each one is taking up.

6. Hide extensions

If you want to clean up the toolbar but don’t want to uninstall all your extensions, you can hide them instead (right-click, Hide button). This can come in very handy for extensions that work mainly in the background.

7. Change version

As well as the stable version, Chrome is available in three more versions, which get increasingly more cutting edge and less stable — Beta, Dev and Canary. Visit the Chrome Release Channels page to switch between them.

8. Use the keyboard

There’s a wealth of keyboard shortcuts that make Chrome easier and faster to use, but here we’ll just mention two of the most useful — Ctrl+click to open up a link in its own tab and Ctrl+W to close the current tab.

9. Add desktop shortcuts

Right-click on a web app on the New Tab page and choose ‘Create shortcut’ to add a link to it from the Start menu, desktop or taskbar.

10. Check memory usage

Enter ‘chrome://memory’ into the address bar to see where all of your RAM is going. Try ‘chrome://chrome-urls’ to see the other diagnostic shortcuts that are available.

11. Drag links

If you find clicking on links somewhat old hat, try dragging them to the omnibox or the tab bar.

12. Visualise bookmarks

Add bookmarks to the bookmarks bar, then remove their names in the Bookmarks Manager to be left with a row of compact favicon shortcuts.

13. Edit most visited sites

If there’s a thumbnail on the ‘Most visited sites’ page you no longer want to see, click the cross in the top right-hand corner of the image to replace it with the next most visited site in Chrome’s list.

14. Rearrange apps

Click and drag an app on the Apps page to change its position — drag to the far right to create a new page of apps.

15. Go full screen

See more of the web in full-screen mode — F11 toggles it on and off.

16. Change History

Head to chrome://chrome/history and you can remove specific pages from your browsing record via the check boxes and the ‘Remove selected items’ button.

17. Enlarge text

If your eyesight is poor or you’re using a huge monitor, you can increase the default text size via Settings Web content Font size.

18. Forget everything

Clear everything in Chrome’s memory by hitting Ctrl+Shift+Del, ticking all of the boxes (from history to cookies), selecting ‘the beginning of time’ as the timespan and clicking ‘Clear browsing data’.

19. Change the theme

Like Gmail, Chrome comes with a range of official and unofficial themes — click ‘Get themes’ on the Settings page to browse the selection.

20. Go further back

Click and hold on the back button to see a list of recently visited pages for the current tab.

21. Jump tabs

Hit Ctrl+ to jump to that tab in Chrome — Ctrl+2, for example, will open the second tab from the left.

22. Go offline

Keep emailing even when your online connection is down with Offline Gmail from the Chrome Web Store. Google promises more offline apps are on the way.

23. Analyse pages

Right-click on a web page and choose ‘Inspect element’ to see the HTML, CSS, JavaScript and other resources it’s made up from.

24. Import data

Chrome can import bookmarks, browsing history and more from Internet Explorer and Firefox via the Import bookmarks and settings option on the Bookmarks menu.

The Chrome Web Store is one of the nicer things about Google’s browser that really gives it an edge over the competition. Mozilla will be launching its own Firefox app store soon and Windows 8 has the Metro app store. Google is going to have to kick it up a notch to stay ahead.

In the spirit of staying ahead, Google has announced three new features hitting the Chrome Web Store today. The new features should benefit both the consumer and the developer in creating and delivering content across the Web.

The Chrome Web Store is now available in six additional countries – Turkey, Ukraine, Egypt, Saudi Arabia, Morocco and the United Arab Emirates. Consumers in these countries can now start to download apps. The bigger benefit, however, comes in the form of developers from these countries being able to sell apps on the Chrome Web Store to a global audience.

One of the nice things about the Chrome Web Store is that some developers allow their apps to work offline. A major problem arose in the form of not knowing which apps worked offline though. To combat this, Google has added a special collection called “Offline Apps.” Developers can easily add their apps to this collection by adding the offline_enable flag to their app’s manifest file.

The final feature is for developers only and it’s a good one at that. The developer dashboard now features a graph that shows you how many times an app has been viewed versus the number of installations. In typical Good Guy Google fashion, developers can already view up to 90 days of history via the graph. That history will probably be increased in the future according to Google.

Like I said, these features benefit both the consumer and the developer. While Mozilla and Microsoft still have some work to do on their respective app marketplaces, Google has the head start. That puts them into the enviable position of being able to immediately respond to any potential innovations implemented by the competition.

Google’s Chrome OSChromebooks are great for cloud-based computing — but what happens when you have a Chromebook with no cloud? Can Chromebooks actually work offline, or do they turn into pretty paperweights when the Internet goes off?

These are important questions to consider. Chrome OS, after all, is a platform built around the Web. But whether it’s on a plane or while visiting Uncle Jed’s country cottage, we all encounter times when Internet access isn’t available.

These days, using Chrome OS offline is almost a good experience. And most of the remaining gaps are set to be filled soon.

Right now, for example, you can get full offline access to Gmail; all you have to do is install the free Offline Google Mail app onto your Chromebook and complete a simple one-time setup. Then, anytime you’re offline, you just open the Offline Google Mail app and you’re good to go.

The offline Gmail interface looks a lot like the tablet Gmail interface. It allows you to read and search through your email, archive messages, and compose new messages or responses. Anything you do is synced to the cloud the next time you connect; the process is automatic and transparent.

Google Docs isn’t quite as good of a situation, but it’s getting there. Right now, Docs has partial offline access: You can view all of your saved documents and spreadsheets, but you can’t edit anything or create anything new. That’s obviously a problem, but it won’t be for long: Google says full offline Docs support for Chrome will be launched within the “next several weeks.”

Odds are, we’ll see full offline Docs support by the end of the month; remember, Google’s annual developers’ conference takes place June 27 through 29. That’d be a logical time for something like this to be unveiled. In the meantime, I’ve been using offline Gmail or the offline-ready Scratchpad note-taking app to fill the void (Scratchpad comes preinstalled on Chromebooks, and it even syncs to Docs when you’re online).

One minor annoyance I discovered is that Docs’ offline mode works only with files saved in the Google Docs format. I happen to have a lot of Microsoft Word and Excel files stored in my Docs account; while the regular online version of Docs allows me to view them, the offline version does not. Google Docs does make it easy to convert files into the Docs format when you’re online, at least — so if you’re planning to use Docs offline and have a lot of Word files floating around, that’s something worth thinking about in advance. (It’s also worth noting that offline Docs access requires a one-time initial setup; you can find the option in the gear dropdown menu at the top-right corner of the Docs app.)

Like Docs, Google Calendar currently has partial offline support. With Calendar, you can browse and view any calendars connected to your account and RSVP to existing invitations. (Like with Docs, too, you have to complete a one-time initial setup to enable offline access.) At the moment, however, you can’t create new events or invitations while working offline. A Google spokesperson tells me full offline Calendar support is in the works, but unfortunately, there’s no firm timeframe for that launch just yet.

Chrome OS offline: The other offline options

Beyond those Google-service basics, there are hundreds of third-party Chrome apps that work perfectly fine offline. Google has even created a section of its Chrome Web Store dedicated to apps with offline capabilities; I counted nearly 900 items in it this morning. (You can always tell if an app is offline-friendly by looking for the gray lightning bolt symbol anywhere in the Chrome Web Store.)

At this point, the notion of a Chromebook becoming a paperweight when offline is simply misconstrued. Once full offline Docs support arrives (which, again, is set to happen in a matter of weeks), the number of significant holes remaining will become very slim. Full calendar-editing functionality is still pending, and that’s a bummer — but it hardly constitutes paperweight status.

Chrome OS may be a cloud-based platform, but these days, Google’s Chromebooks remain perfectly capable when they’re away from the cloud.

For much more on Google’s newly revamped Chrome OS and Chromebook experience, check out the rest of my two-week Chrome OS experiment:

Google Chrome users: Watch your sync habits. The browser’s ability to synchronize tabs across different computers could be used by a malicious attacker to eavesdrop on personal or corporate communications.

The tab-synchronization capability appeared last month in the latest version of the Google Chrome browser, and allows users to synchronize their open browser tabs across devices. As a result, users can log into any version of the Google Chrome browser–on home PCs, work PCs, or mobile devices–and access their saved tabs.

Unfortunately, the same would go for malware. “Consider the following scenario: The user is signed in to Chrome on both work and home computer. … The home computer gets infected by a malware. Now all of the work synced data (such as work-related passwords) is owned by the malware,” said Rob Rachwald, director of security strategy at Imperva, in a blog post.

“We name this kind of threats BYOB for ‘Bring Your Own Browser,’” he said. “While BYOD creates challenges of mixing work data and personal end points, BYOB does exactly the same–but it’s more elusive as there’s no physical device involved.”

Furthermore, IT departments could have difficulty successfully spotting and blocking malware that infiltrates the enterprise in this manner, especially given the number of attacks that could be launched from an infected home PC. “Even if the malware gets disinfected on work computer, the malware is able to infect over and over again–as the root cause of the infection–the home computer–is outside of the reach of the IT department,” Rachwald said.

Two Ways In

Google didn’t immediately respond to a request for comment about the feasibility of this attack, or steps that users could take to mitigate this type of threat. To be sure, this is a theoretical attack; no such Chrome-targeting malware campaign has been seen in the wild. But malware could potentially piggyback into a corporate environment, using Chrome tabs, in two ways.

The first exploit technique would be if “the malware changes the homepage or some bookmark to point to a malware-infection site on the home computer,” said Rachwald. “Settings are synced to your work environment. When you open your browser at work, you get infected with some zero-day drive-by download.” In this scenario, attackers could instruct the malware to keep attacking the corporate network, and even vary the attack being used, in an attempt to evade defenses. This would be difficult for a business to stop with complete reliability.

“Even if the malware gets disinfected on work computer, the malware is able to infect over and over again, as the root cause of the infection–the home computer–is outside of the reach of the IT department,” he said.

Another potential attack vector would be if the malware installed a rogue Chrome extension, and such extensions have appeared on the official Chrome Web Store in the past. As Google notes, “anyone can upload items to the Chrome Web Store, so you should only install items created by people you trust,” and by reviewing the ratings and reviews for an extension to help deduce whether it’s reliable. Google quickly removes any malicious Chrome extensions, once they’re spotted. But until that happens, any malicious extension is able to operate with impunity.

“Chrome extensions are evil,” noted Felix “FX” Lindner, head of Recurity Labs in Berlin. That comment came during a talk he delivered at Black Hat Europe earlier this year, in which he highlighted how Chrome extensions can be used by an attacker to inject JavaScript directly into the browser. What’s more, any users who sign into Chrome on a different workstation will have their extensions automatically installed on the current PC. As a result, a malicious extension installed at home could easily appear on a workplace PC, creating a vulnerability similar to the one that Rachwald highlighted.

Why are malicious Chrome extensions so dangerous? “If you have an extension installed, it has … pretty much omnipotent control over your Chrome browser,” said Lindner, speaking by phone. “Google tries to prevent the extension from accessing your extension manager, but we’ve found ways to do it. Google fixed them, but I’m pretty confident that there are other ways.”

Preventing users from installing Chrome extensions is nearly impossible. For starters, while the IT department can issue its own Chrome build, and set it to block extensions, you can install and run your own installation of the browser on any PC for which you have permission to write to the home directory–no administrator rights required.

Security defenses also won’t spot malicious extensions. “This all being JavaScript and HTML, the corporate antivirus is not going to catch it–on top of the fact that you’re downloading the extension via SSL from Google’s Web store,” said Lindner. “Unless corporate [IT] breaks SSL for you, they’re not going to see it anyway.

Since the browser’s preferences are handled with JavaScript, a malicious extension could automatically–and without a user being aware–install and run arbitrary code in the browser. For example, the extension might unleash a Trojan application that recorded everything the user did, or open a malicious website in the browser. Furthermore, if this extension was first installed at home, it would automatically get pushed to work when the user logged in there.

Attackers aren’t the only concern for Chrome users, as the Google tab synchronization feature could also be used during digital forensic investigations. “Imagine there’s a case against you at work, and they do forensics, and they get all of your accounts at home,” said Lindner.

But the bigger picture, he said, is that users should consider the security implications of synchronizing information between Chrome tabs or even between Google services. “I’m really not sure who would want to: a) give all this information to Google, and then, b) actually sync it onto every single machine they’re using,” Lindner said. “So much for defense. But maybe I’m the wrong person to ask–I don’t even have a Google account. Wrong religion.”

GOOGLE has launched a localised version of its Chrome Web Store, which offers apps made by local developers. Best accessed via Google’s own speedy Internet browser Chrome, the store is located at the link http://chrome.google.com/webstore.

The Chrome Web Store apps are classified under Business Tools, Education, Entertainment, Games, News Weather as well as Social Communication, among others. Some of the local apps available are from AirAsia and Maybank, as well as popular Malay tech portal Amanz.my.

According to Sajith Sivanandan, country manager of Google Malaysia, the Chrome Web Store has expanded into more than 30 countries and more
than 200 million people around the world are using the Chrome browser.

“A check with GS Statcounter indicates that Chrome is used by 44 per cent of desktop Internet users in the country. With the launch of a localised Web Store here, we hope to see tens of thousands of local apps on the Chrome Web Store for Malaysians in the future,” says Sivanandan.

He adds that Google also has plans to heighten the awareness of Chrome Web Store among local developers here.

Chrome Web Store also offers extensions and themes for customising a user’s web browsing experience. One of the extensions is PrayOnTime, which displays the Islamic prayer times for the user based on his location. Themes, on the other hand, offers changing backgrounds on the Chrome browser for a personal touch.

2. Online safety awareness

DIGI Telecommunications held a series of workshops at its Community Broadband Centres located around Terengganu recently to raise awareness on online child safety.

The workshops are part of the DiGi CyberSAFE Programme.

Jennifer Neal, DiGi’s head of Eastern Region said as a leading enabler of Internet in the country with over five million active mobile Internet subscribers, the company feels responsible to educate communities around the country to ensure that they have a safe, family-friendly Internet experience.

“While we encourage local children and communities to explore the wonders of the Internet, we also need to equip them with practical knowledge on how to stay safe online. DiGi will continue to work closely with the Ministry of Education, CyberSecurity and Childline to raise awareness of this important issue.”

This Terengganu leg of the programme marks its first outreach to communities in the east coast of Peninsular Malaysia. The programme that kick started in Klang Valley in November 2011, has since reached 2,300 students, teachers and parents from 117 schools in the Klang Valley, Putrajaya, Selangor, Negri Sembilan, Johor and Malacca.

Through DiGi CyberSAFE Programme’s partnership with Childline Malaysia, children are also provided with access to the 15999 Childline, a 24-hour telephone helpline for children to call should they encounter online threats.

For more information on the DiGi CyberSAFE Programme, visit www.cybersafe.my/dcp.

3. Redesigned Friendster targets hip gamers

MOL Global has unveiled a new-look Friendster, with new features and a strong focus on games.

Ganesh Kumar Bangah, MOL’s group chief executive officer, says the new Friendster is positioned as a social discovery and gaming platform that also offers rewards to users.

“We currently have four million unique active visitors every month and we are targeting to increase this number to 10 million a month by year end,” Ganesh says.

Friendster offers high quality social games with a library of 56 titles along with tools for connecting, chatting, playing and competing with other players. It also leverages on MOL Global’s strength in online payment services to offer

Friendster Coins payment system for users to buy items within a game and pay for other content, as well as allow developers to monetise their apps.

“I do not agree with the opinion that Asian gamers and app users do not like to pay for their contents. At MOL where Asia is our strongest market, we even have ‘whales’ who spend over RM1,000 a month for their games, and on average we earn between RM150 and RM200 per month per user,” Ganesh says.

At the launch, Ganesh also highlighted two spin-off media products that are based on the Friendster brand, which is the Friendster iCafe and Friendster hotspot.

The Friendster iCafe is a cybercafe management system which integrates cybercafe computers, customers, accountings and billing needs into one, while the Friendster hotspots allow retailers to add free WiFi infrastructure to enhance customer experience.

In Malaysia, Friendster hotspots has helped outlets such as Starbucks, Old Town White Coffee, Kenny Rogers Roasters and Papa John’s offer WiFi connectivity to their customers.

Through the Friendster local developer programme, developers can make use of Friendster’s comprehensive application programming interface to build, test and deploy games to Friendster’s players.

“I hope to see more local developers develop games for the 4.5 million active Friendster users,” expresses Ganesh.

4. SOTA gets new brand identity

CREATIVE Advances Technology has announced a new brand identity for its online travel portal SOTA.travel in line with its objective of making travel packages worldwide more accessible to everyone online.

SOTA is now known as Smart Online Travel Assistant. There’s not only a change in the logo but a new look and feel.

The new look is aimed at presenting SOTA as a more consumer-focused online travel portal, moving from the initial focus of providing an online platform for the sellers in the travel industry to one that focuses on reaching the buyers in the travel market.

The revamped travel portal, www.sota.travel, comes with improved navigation and seamless user experience for the travel buyers. The portal also incorporates other value-added features such as tips for travellers, recommendations on travel bargains as well as weather forecasts and calendars for smarter planning.

The rebranding exercise includes a media blitz between May and October via print and online media channels.

A mid-year school holiday promotional travel campaign was also launched during the announcement of the new brand. The campaign runs from May 17 to 31and features attractive travel packages to destinations such as Bali, Phuket, Osaka and Australia.